Re: [Full-disclosure] Vulnerability in Backtrack



Crazy! it works in pretty much every linux by default.

This guy knows stuff. We all got to enroll on that "High School of
Security" he is talking about!!!


On Tue, Apr 24, 2012 at 4:51 PM, David3 Gonnella <netevil@xxxxxxxxxx> wrote:

it makes me scary! There is also on my distro! DOH! ;P


On 04/24/12 16:41, Urlan wrote:
It makes me laugh! hahahaha

2012/4/24 Gage Bystrom <themadichib0d@xxxxxxxxx>

*sigh* vulnerability reports like this make me sad.
On Apr 24, 2012 5:50 AM, "Григорий Братислава" <musntlive@xxxxxxxxx>
wrote:

Is good evening. I is would like to warn you about is vulnerability in
Backtrack is all version.

Backtrack Linux is penetration tester is system. Is come complete with
tool for to make hacking for penetration tester.

In is booting Backtrack, vulnerability exist in booting for when start
if attacker is edit grub, attacker can bypass restricted user and is
boot into admin account. E.g.:

grub edit > kernel /boom/vmlinuz-2.3.11.7 root=/dev/sda1 ro Single
[ENTER]
grub edit > b
# mount -t proc proc /proc
# mount -o remount,rw /
# passwd
[ENTER IS ANYTHING YOU WANT]
# sync
# reboot

I is will make this into video for bypassing security in Backtrack for
to post on InfoSecInstitute

--

`Wherever I is go - there am I routed`





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: [Full-disclosure] Fwd: ipv6 flaw (is bullshit)
    ... sure a quick talk with Eugene from the Red Hat Linux corporation (he ... browser exploit hackers in the world, I do not do kernel bugs. ... If someone in Goatse Security were to be involved with the ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] =?windows-1252?q?Win_Your_Copy_of_=93BackTrack_?= =?windows-1252?q
    ... BackTrack - beautiful & powerful security distribution! ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Vulnerability in Backtrack
    ... Backtrack Linux is penetration tester is system. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: Tools to use for Penetration Testing?
    ... I am interested in getting started as a white hat hacker/pen tester. ... There's a great live Linux CD distribution out there called Backtrack ... prerequisite, but since both certs are vendor driven, they aren't ... You'd probably be most interested in Security ...
    (Pen-Test)
  • Re: install driver for 3com homeconnect webcam
    ... Such a patch is usually applied to a kernel source and then you ... Linux you are running and what you have done so far to try to get the ... but I don't know anything about that distro. ... Do you have to use BackTrack? ...
    (uk.comp.os.linux)